A queueing analysis for the denial of service (DoS) attacks in computer networks

Authors:
Yang Wang;Chuang Lin;Quan-Lin Li;Yuguang Fang
Affiliations:
Department of Computer Science and Technology, Tsinghua University, Beijing 100084, China;Department of Computer Science and Technology, Tsinghua University, Beijing 100084, China;Department of Industrial Engineering, Tsinghua University, Beijing 100084, China;Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL 32611, United States
Venue:
Computer Networks: The International Journal of Computer and Telecommunications Networking
Year:
2007

Citing 4
Cited 7

Matrix multiplication via arithmetic progressions

Journal of Symbolic Computation - Special issue on computational algebraic complexity
A framework for classifying denial of service attacks

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Inferring internet denial-of-service activity

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Defending against flooding-based distributed denial-of-service attacks: a tutorial

IEEE Communications Magazine

Queueing Analysis for Networks Under DoS Attack

ICCSA '08 Proceedings of the international conference on Computational Science and Its Applications, Part II
Traffic Engineering Based Attack Detection in Active Networks

ICDCN '09 Proceedings of the 10th International Conference on Distributed Computing and Networking
Mathematical model for low-rate DoS attacks against application servers

IEEE Transactions on Information Forensics and Security
Performance analysis of email systems under three types of attacks

Performance Evaluation
Security analysis of enterprise network based on stochastic game nets model

ICC'09 Proceedings of the 2009 IEEE international conference on Communications
PSO-SFDD: Defense against SYN flooding DoS attacks by employing PSO algorithm

Computers & Mathematics with Applications
Modeling computer virus with the BSDE approach

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.01

Visualization

Abstract

In most network security analysis, researchers mainly focus on qualitative studies on security schemes and possible attacks, and there are few papers on quantitative analysis in the current literature. In this paper, we propose one queueing model for the evaluation of the denial of service (DoS) attacks in computer networks. The network under DoS attacks is characterized by a two-dimensional embedded Markov chain model. With this model, we can develop a memory-efficient algorithm for finding the stationary probability distribution which can be used to find other interesting performance metrics such as the connection loss probability and buffer occupancy percentages of half-open connections for regular traffic and attack traffic. Different from previous works in the literature, this paper gives a more general analytical approach to the study of security measures of a computer network under DoS attacks. We hope that our approach opens a new avenue to the quantitative evaluation of more complicated security schemes in computer networks.